General

  • Target

    cfb87ff5cca17dd1d5e7fb07878aa6d3d881a9d80de3bfab8443983fa31d7d26

  • Size

    162KB

  • Sample

    210623-a8lca9r16s

  • MD5

    51d9bcb0dee0043ec224d4c2355a8f48

  • SHA1

    df7be243924aeb6ebd9330e9e9e8fa8039f43bfd

  • SHA256

    cfb87ff5cca17dd1d5e7fb07878aa6d3d881a9d80de3bfab8443983fa31d7d26

  • SHA512

    0a35c3e597e45a13c9eca790080bdd8b23420892cdeb3d8c3c9c9f2674338d39f20728f59f7485cc7bb538caf7802a8b835abf1a6d238fd7003492c544485b2c

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

107.172.227.10:443

172.93.133.123:2303

108.168.61.147:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled
